Instruction/ maintenance manual of the product EMG5324-D10A ZyXEL Communications
Go to page of 382
www .zyxel.com www .zyxel.com EMG5324-D10A Wireless N GbE V oIP IAD with USB IMPORT ANT! READ CAREFULL Y BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE. Copyright © 2012 ZyXEL Communications Corporation V ersion 3.00 Edition 1, 4/2012 Default Login Details LAN IP Address https://192.
EMG5324-D10A User’s Guide 2 IMPORT ANT! READ CAREFULL Y BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE. Graphics in this book ma y differ slightly from the product due to difference s in oper ating systems, operating system versions, or if y ou installed updated firmware/software fo r your device.
Contents Overview EMG5324-D10A User’s Guide 3 Contents Overview User ’ s Guide ......................................................................................... ......................... ..................... 15 Introduction ........... ..
Contents Overview EMG5324-D10A User’s Guide 4.
Table of Conten ts EMG5324-D10A User’s Guide 5 Table of Contents Contents Overview .............................................................................. ............................... ................. 3 Table of Contents .................
Table of Contents EMG5324-D10A User’s Guide 6 3.5 Using the File Sharing Feature . ... .... ... ............. ... ... ... .... ... ... ... .... ... ... ... ... .... ... ............. ... ... ... . ...... ....... 42 3.5.1 Set Up File Sharing ...... .
Table of Conten ts EMG5324-D10A User’s Guide 7 6.2 The Wireless General Screen ..... .... ... ... ... ............. ... .... ... ... ... .... ... ... ... ... .... ... ... ... .... ............ .. ........ .... 97 6.2.1 No Security ................ .
Table of Contents EMG5324-D10A User’s Guide 8 Chapter 9 Quality of Service (QoS) ............................................................ ........................................... ............ 149 9.1 Overview ... ... ... ... ............. ...
Table of Conten ts EMG5324-D10A User’s Guide 9 12.2 The Interface Group Screen .... ... .... ............ .... ... ... ... ............. .... ... ... ... ............. ... .... ... ... ....... ........... 175 12.2.1 Interface Group Configur ation . .
Table of Contents EMG5324-D10A User’s Guide 10 Chapter 17 VPN ................................................... ..................................................... .................... ........................ 201 17.1 Overview .................
Table of Conten ts EMG5324-D10A User’s Guide 11 Chapter 19 Logs ....................................... .................................................... ............................... ........................ 243 19.1 Overview ................ .
Table of Contents EMG5324-D10A User’s Guide 12 Chapter 26 Log Setting ...................................... ................................................................ ............. .................... 263 26.1 Overview ................ .....
Table of Conten ts EMG5324-D10A User’s Guide 13 Appendix F IPv6 .............................................................. ................................................ ................. 357 Appendix G Legal Information ......................
Table of Contents EMG5324-D10A User’s Guide 14.
15 P ART I User ’ s Guide.
16.
EMG5324-D10A User’s Guide 17 C HAPTER 1 Introduction 1.1 Overview The Device is an Ethernet integrated access device (IAD), which provides V oice over IP (V oIP) communication capabilities to allow you to use a tr aditional analog telephone to make Internet calls.
Chapter 1 Introduction EMG5324-D10A User’s Guide 18 1.2.2 V oIP Features Y ou can register 1 SIP (Session Initiation Protocol) profile (2 accounts for that profile) and use the Device to make and re.
Chapter 1 Introdu cti on EMG5324-D10A User’s Guide 19 T urn the Wireless LA N On or Off 1 Make sure the POWER LED is on (not blinking). 2 Press the WLAN ON/OFF button for one second and release it. The WLAN/WPS LED should change from on to off or vice versa.
Chapter 1 Introduction EMG5324-D10A User’s Guide 20 1.4 W ays to Manage the Device Use any of the following methods to manage the Device. • W eb Configur ator . This is recommended for everyday management of the Device using a (supported) web browser .
Chapter 1 Introdu cti on EMG5324-D10A User’s Guide 21 R efer to the Quick Start Guide for in formation on hardware connections. PHONE1-2 Green On A S IP account i s registered for the phone port. Blinking A t elephone connected to th e phone port has i ts receiver off of the hook or there is an incomi ng call.
Chapter 1 Introduction EMG5324-D10A User’s Guide 22 1.7 The RESET Button If you forget your password or cannot access the web configur ator , you will need to use the RESET button at the back of the device to reload the fact ory -default configuration file.
EMG5324-D10A User’s Guide 23 C HAPTER 2 Introducing the Web Configurator 2.1 Overview The web configurator is an HTML -based management interface that allows easy device setup and management via Internet browser . Use Internet Explorer 6.0 and later versions, Mozilla Firefox 3 and later versions, or Safari 2.
Chapter 2 Introducing the Web Configurator EMG5324-D10A User’s Guide 24 Note: Fo r securi ty reasons, the Device automa tically logs y ou out if you do not use the web configur ator for five minu tes (defau lt). If this happens, log in again. 5 The following screen displays if you ha ve not yet changed your password.
Chapter 2 Introducing the Web Configurator EMG5324-D10A User’s Guide 25 2.2 The W eb Configurator Layout Click Connecti on Status > System In fo to show the following screen. Figure 8 W eb Configurator Lay out As illustrated abov e, the main screen is divided into these parts: • A - title bar • B - main window • C - navigation panel 2.
Chapter 2 Introducing the Web Configurator EMG5324-D10A User’s Guide 26 2.2.2 Main Window The main window displays information and configurat ion fields. It is discussed in the rest of this document. After you click Sy stem Info on the Connect ion Status scree n, the System Info screen is displayed.
Chapter 2 Introducing the Web Configurator EMG5324-D10A User’s Guide 27 Wireless General Use this screen to turn the wireless connect ion on o r off , specify the SSID(s) and co nfigure the wirele ss LAN settings and WLAN authentication /s ec u r it y se tt in gs.
Chapter 2 Introducing the Web Configurator EMG5324-D10A User’s Guide 28 MAC Filter MAC Filter Use this scre en t o allow specific de vi ces to access the Device. Par e nt a l Control P arental Control Use this screen to define time periods and da ys during which the Device performs parental control and/or block web sites with the specific URL.
Chapter 2 Introducing the Web Configurator EMG5324-D10A User’s Guide 29 Backup/ Res t o r e Backup/Restore Use this screen to backup and restore your devi ce’ s configuration (settings) or reset the factory defau lt settings. Re boot Reboot Use this screen to reboot th e Device without turning the powe r off .
Chapter 2 Introducing the Web Configurator EMG5324-D10A User’s Guide 30.
EMG5324-D10A User’s Guide 31 C HAPTER 3 Tutorials 3.1 Overview This chapter contains the following tutorials: • How to Set up a Wireless Network • Setting Up NA T Port F orwarding • How to Mak.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 32 3.2.2 Configuring the AP Follow th e steps below to configure the wireless settings on your AP . 1 Open the Network Setting > Wireless > General screen in the AP’ s web configurator . Tutorial: Network > Wireless LAN > General 2 Make sure Enable Wireless LAN is selected.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 33 6 Click Connection Status > System Info .V erify your wireless and wire less security settings under Device Information and check if the WLAN connection is up under Interface S tatus . Tutorial: Network > Wireless LA N > SecuritOpe n the Status screen .
Chapter 3 Tutorials EMG5324-D10A User’s Guide 34 point, you must know its Service Set IDentity (SSID) and WP A -PSK pre-shared key . In this example, the SSID is “SSID_Example3” and the pre-shared key is “12MyWPAPSKpresharedkey34” .
Chapter 3 Tutorials EMG5324-D10A User’s Guide 35 4 The Confirm Save window appears. Check your settings and click Save to continue. Tutorial: Co nfirm Sa ve 5 The Z yXEL utility returns to the Link Info screen while it connects to the wireless network using your settings.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 36 1 Open the Z yXEL utility and click the Profile tab to open the screen shown next. Click Add to configure a new profile. Tutorial: Pr ofile 2 The Add New Profile screen appears. The wireless client automatically searches for av ailable wireless networks, and displays them in the Scan Info box.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 37 5 This screen varies depending on the encryption method y ou selected in the previous screen. Enter the pre-shared key and leave the encr yption type at th e default setting. Tutorial: Pr ofile En cryption 6 In the next screen, leave both boxes selected.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 38 Note: Only one pr ofile can be act ivated and u sed at any given time . Tutorial: Activate 9 When you activ ate the new profile, the ZyXEL utilit y returns to the Link Info screen while it connects to the AP using your settings.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 39 2 Enter the following values: 3 Click Apply . 4 The port forwarding settings you configured should appear in the table.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 40 The following parameters are used in this example: 3.4.1 V oIP Calls With a Registered SIP Account T o use a registered SIP account, you should config ure the SIP se rvice provider and applied for a SIP account.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 41 5 Go to the SIP Account screen, click the Edit icon of SIP 1 . 6 Select the Active SIP Account check box, then enter the SIP Account Number , Username , and Password . Leave other settings as def ault.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 42 3.4.1.3 Analog P hone Configuration 1 Click VoIP > Phone to open the Phone Device screen. Click the Edit icon next to Analog Phone 1 to configure the first phone port.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 43 • Access the shared files of your USB device from a computer 3.5.1 Set Up File Sharing T o set up file sharing you need to connect your USB device, enable file sharing and set up your share(s). 3.5.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 44 3 Y ou can add a description for the share or leav e it blank. The Add Sh are Directory screen sh ould look like the following.Click Apply to finish. Tutorial: USB Services > File Sha ring > Sha re Config uration 4 This sets up the file sharing server .
Chapter 3 Tutorials EMG5324-D10A User’s Guide 45 This section shows you how the media serv er feature works using the following media clients: • Microsoft (MS) Windows Media Play er Media Server works with Windows Vista and Windows 7. Make sure your computer is able to play media files (music, videos and pictures).
Chapter 3 Tutorials EMG5324-D10A User’s Guide 46 Windows V ist a 1 Open Windows Media Player and click Library > Media Sharing as follows. Tutor ia l: Media Shari n g using Windows Vista 2 Check Find media t hat others are sharing in the following screen and click OK .
Chapter 3 Tutorials EMG5324-D10A User’s Guide 47 3 In the Library screen, check the left panel. The Windows Media Player should detect the Device. Tutor ia l: Media Shari ng using Windows Vista (3) The Device displays as a playlist.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 48 2 Select a category in the left panel and wait for Windows Media Play er to connect to the Device. Tutor ia l: Media Shari n g using Windows 7 (2) 3 In the right panel, you should see a list of files a vailable in the USB stor age device.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 49 1 Connect the DMA-2500 to an a vailable LAN port in your Device. Tutoria l: Media Server Setup (Using DMA ) 2 T urn on the TV and wait for the DMA-2500 Home screen to appear . Using the remote control, go to MyMedia to open the following screen.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 50 3.7 Using the Print Server Feature In this section you can: • Configure a TCP/IP Printer P ort • Add a New Printer Using Windows • Add a New Printer Using Macintosh OS X Configure a TCP/IP Printer Port This example shows how you can configure a TCP/IP printer por t.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 51 3 Right click on your printer and select Pr operties . Tutorial: Op en Printer Propert ies 4 Select the Ports tab and click Add Port... Tutorial: Print er Pr op er t ie s Wi nd ow 5 A Printer Ports window appears.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 52 6 Add Standar d TCP/IP Printer Port Wizard window opens up. Click Next to start configuring the printer port. Tutorial: Add a Por t Wi za rd 7 Enter the IP address of the Device to which the printe r is connected in the Printer Na me or IP Address: field.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 53 8 Select Custom under Device Type and click Settings . Tutorial: Cu stom Por t Settings 9 Confirm the IP address of the De vice in the IP Addre ss field. 10 Select Raw under Protocol . 11 The Port Number is automatically configured as 9100 .
Chapter 3 Tutorials EMG5324-D10A User’s Guide 54 12 Continue throug h the wizard, apply your settings and close the wizard window . Tutorial: Finish Add ing the TCP/IP Port 13 Re peat steps 1 to 12 to add thi s printer to other computers on yo ur network.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 55 1 Click Start > Control Panel > Printe rs and Faxes to open the Printers and Faxes sc reen. Click Add a Printer . Tuto r ial: Prin ters Folder 2 The Add Printer Wizard screen displays. Click Next .
Chapter 3 Tutorials EMG5324-D10A User’s Guide 56 3 Select Local printer attached to t his computer and click Next . Tutorial: Add Printe r Wizard: Loc al or Networ k Printer 4 Select Create a new port and Standard TCP/ IP Port .
Chapter 3 Tutorials EMG5324-D10A User’s Guide 57 5 Add Standar d TCP/IP Printer Port Wizard window opens up. Click Next to start configuring the printer port. Tutorial: Add a Por t Wi za rd 6 Enter the IP address of the Device to which the printe r is connected in the Printer Na me or IP Address: field.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 58 7 Select Custom under Device Type and click Settings . Tutorial: Cu stom Por t Settings 8 Confirm the IP address of the Device in the Printer Name or IP Address field. 9 Select Raw under Protocol . 10 The Port Number is automatically configured as 9100 .
Chapter 3 Tutorials EMG5324-D10A User’s Guide 59 11 Click Finish to close the wizard window. Tutorial: Finish Add ing the TCP/IP Port 12 Select the make of the printer that y ou want to connect to the print server in the Manufacturer list of printers.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 60 16 If the following screen displays, select Keep existing driver radio button and click Next if y ou already have a printer driv er installed on your computer and you do n ot want to change it.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 61 18 The Device is a print server it self and you do not need to have your computer act as a print server by sharing the pr inter wit h other users in the same network; just select Do not share this printer and click Next to proceed to the following screen.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 62 20 The following screen shows your current printer settings. Select Fi nish to complete adding a new printer . Tutorial: Add Printe r Wizard Comp lete Add a New Printer Us ing Macintosh OS X Complete the following steps to set up a print server driver on your Macintosh computer .
Chapter 3 Tutorials EMG5324-D10A User’s Guide 63 4 Double-click the Utilities folder . Tutorial: Ap plications Folder 5 Double-click the Print Center icon. Tutorial: Utili ties Folder 6 Click the Add icon at the top of the screen. Tuto rial: Pri nter Li st Fold er 7 Set up your printer in the Printer List configuration screen.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 64 11 Select your Pr inter Mod el from the drop-down l ist box. If the printer's model is not listed, select Generic . Tuto r ial: Prin te r Configu ration 12 Click Ad d to select a printer model, save and close the Printer List configur ation screen.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 65 3.8 Configuring th e MAC Address Filter Thomas noticed that his daughter Josephine spends too much time surfing the web and downloading media files. He decided to prevent Jo sephine from accessing the Internet so that she can concentrate on preparing for her final exams.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 66 3.9 Configuring S t atic Ro ute for Routing to Another Network In order to extend your Intranet and control traffic flowin g directions, y ou ma y connect a router to the Device’s LAN. The router may be used to se parate two department networks.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 67 Y ou need to specify a static routin g rule on the Device to specify R as the router in charge of forwarding tr affic to N2 . In this case, the Device routes tr affic from A to R and then R routes the traffic to B .
Chapter 3 Tutorials EMG5324-D10A User’s Guide 68 •T y p e 192.168.1.25 3 ( R ’ s N1 address) in the Gateway IP Address field. Click Apply . The Routing screen should display the route y ou just added. Now B should be able to receive tr affic from A .
Chapter 3 Tutorials EMG5324-D10A User’s Guide 69 Note: QoS is app l i ed to traffic fl ow ing out of the Device. T raffic that does not match this class is assigned a priority queue based o n the internal QoS mapping table on the Device. QoS Example 1 Click Network Setting > QoS > General and check Active .
Chapter 3 Tutorials EMG5324-D10A User’s Guide 70 3 Go to Network Setting > QoS > Class Setup . Click Add new Classifier to create a new class. Check Active and follow the settings as shown in the screen below .
Chapter 3 Tutorials EMG5324-D10A User’s Guide 71 4 V erify that the queu e setup works by checking Network Setting > QoS > Monitor . This shows the bandwidth allotted to e-mail traffic compared to other network tr affic. Tutoria l: Advanced > QoS > Monitor 3.
Chapter 3 Tutorials EMG5324-D10A User’s Guide 72 3.1 1 .1 Registering a DDNS Account on www .dyndns.org 1 Open a browser and type h ttp://www.dyndns.org . 2 Apply for a user account. This tutorial uses UserName1 and 12345 as the username and password.
73 P ART II T echnical Reference The appendices provide general information. Some details may not apply to your Device..
74.
EMG5324-D10A User’s Guide 75 C HAPTER 4 Connection Status and System Info 4.1 Overview After you log into the web configur ator , the Connectio n Status screen appears. This shows the network connection status of the Device and clients connected to it.
Chapter 4 Connection Status and System Info EMG5324-D10A User’s Guide 76 If you prefer to view the status in a list, click List Vie w in the Viewing mode selection box. Y ou can configure how often you want the Device to update this screen in Refresh Interval .
Chapter 4 Connection Status and System Info EMG5324-D10A User’s Guide 77 4.3 The System Info Screen Click Connecti on Status > System Info to open this screen.
Chapter 4 Connection Status and System Info EMG5324-D10A User’s Guide 78 Mode This is the method of encapsulation used by your ISP . IP Address This field displays the current IP address of the Devic e in the W AN. IP Subnet Mask This field displays the curre nt subnet mask in the WAN.
Chapter 4 Connection Status and System Info EMG5324-D10A User’s Guide 79 System Resource CPU Usage This field displays what pe rcentage of the Device’ s processing abil ity is currently used. When this percentage is close to 1 00%, the Device is runn ing at ful l load, and the throughput is not going to improve anymore.
Chapter 4 Connection Status and System Info EMG5324-D10A User’s Guide 80.
EMG5324-D10A User’s Guide 81 C HAPTER 5 Broadband 5.1 Overview This chapter discusses the Device’ s Broadband screens. Use these screens to configure your Device for Internet access. A WAN (Wide Area Network) connection is an outside connection to another network or the Internet.
Chapter 5 Broadband EMG5324-D10A User’s Guide 82 5.1.1 What Y ou Can Do in this Chapter •U s e t h e Broadba nd screen to view , remove or add a W AN interface. Y ou can also configure the W AN settings on the Device for Internet access ( Section 5.
Chapter 5 Broa dba nd EMG5324-D10A User’s Guide 83 IPv6 Introduction IPv6 (Internet Protocol version 6), is designed to enhance IP address size and features. The increase in IPv6 address size to 128 bits (from the 32-bit IPv4 address) allows up to 3.
Chapter 5 Broadband EMG5324-D10A User’s Guide 84 Prefix Delegation Prefix delegation enables an IPv6 router to use th e IPv6 prefix (network address) received from the ISP (or a connected uplink router) for its LAN. The Device uses the received IPv6 prefix (for example, 2001:db2::/48) to generate its LAN IP address.
Chapter 5 Broa dba nd EMG5324-D10A User’s Guide 85 5.2.1 Add/Edit Internet Connection Use this screen to configure a WAN connection. Th e screen v aries depending on the interface type, encapsulation, and WA N service type you select.
Chapter 5 Broadband EMG5324-D10A User’s Guide 86 The following table describes the fields in this screen. T able 6 Broadband Add/Edit: Routing LABEL DESCRIPTION Gener al Name Enter a service name of the connection. Ty p e The Device transmi ts data over th e Ethernet W AN port.
Chapter 5 Broa dba nd EMG5324-D10A User’s Guide 87 Authentica tion Mode The Device supports PAP (P assword Authen ti cation Protocol) and CHAP (Challenge H a n d s h a ke A u t h e n t i c a t i o n P r o t o c o l ) . C H A P i s m o r e s e c u r e t h a n P A P ; h o w e v e r , PA P i s r e a d i l y avail able on more platforms.
Chapter 5 Broadband EMG5324-D10A User’s Guide 88 5.2.1.2 Bridge Mode Click the Add new WAN Interface in the Network Setting > Broadband screen or the Edit icon next to the connection you want to configure. Select Bridge as the encapsulation mode.
Chapter 5 Broa dba nd EMG5324-D10A User’s Guide 89 5.3 The 3G Backup Screen Use this screen to configure your 3G settings. Click Broadband > 3G Backup . Note: The actual data r ate you obtain va ries depending the 3G card you use, the si gnal strength to the service provider ’ s base station, and so on.
Chapter 5 Broadband EMG5324-D10A User’s Guide 90 The following table describes the labels in this screen. T able 8 Network Setting > Broadband > 3G Backup LABEL DESCRIPTION 3G Backu p Select Enable 3G Backup to have the Device use the 3G connection as y our WAN or a backup when the wired WAN connecti on fails.
Chapter 5 Broa dba nd EMG5324-D10A User’s Guide 91 5.4 T echnical Reference The following section contains additional technica l information about the Device features described in this chapter . Encap sulation B e s u r e t o u s e t h e e n c a p s u l a t i o n m e t h o d r e q u i r e d b y y o u r I S P .
Chapter 5 Broadband EMG5324-D10A User’s Guide 92 In Multi- T enant Unit (MTU) applications, VLAN is vital in providing isolation and security among the subscribers.
Chapter 5 Broa dba nd EMG5324-D10A User’s Guide 93 DNS Server Address Assignment Use Domain Name System (DNS) to map a domain name to its corresponding IP address and vice versa, for instance, the IP addr ess of www .
Chapter 5 Broadband EMG5324-D10A User’s Guide 94 3G Comparison T able See the following table for a comparison between 2G, 2.5G, 2.75G and 3G wireless technologies.
EMG5324-D10A User’s Guide 95 C HAPTER 6 Wireless 6.1 Overview This chapter describes the Device’s Network Setting > Wireless screens. Use these screens to set up your Device’ s wireless connection.
Chapter 6 Wireless EMG5324-D10A User’s Guide 96 The following figure provides an example of a wireless network. Figure 19 Example of a Wireless Network The wireless network is the part in the blue circle.
Chapter 6 Wireless EMG5324-D10A User’s Guide 97 6.1.3 Before Y ou Begin Before you start using these screens, ask yourself the following questions. See Section 6.8 on page 109 if some of the terms used here do not make sen se to you. • What wireless standards do the other wireless devices support (IEEE 802.
Chapter 6 Wireless EMG5324-D10A User’s Guide 98 The following table describes the labels in this screen. 6.2.1 No Security Select No Security to allow wireless stations to communicate with the access po ints without any data encryption or authentication.
Chapter 6 Wireless EMG5324-D10A User’s Guide 99 Note: If you do no t ena b l e any wi rele ss se curi ty on yo ur D e v ice, your netw o rk is accessible to any wireless networking device that is within range. Figure 21 Wireless > General: No Security The following table describes the labels in this screen.
Chapter 6 Wireless EMG5324-D10A User’s Guide 100 In order to configure and enable W EP encryption, click Network Settings > Wireless to display the General screen. Selec t Basic as the security level. Then select Static WEP or Shared WEP from the Security Mode list.
Chapter 6 Wireless EMG5324-D10A User’s Guide 101 6.2.3 More Secure (WP A(2)-PSK) The WPA -PSK security mode provides both improv ed data encryption and user authentication ov er WEP . Using a Pre-Shared K ey (PSK), both the Device and the connecting client share a common password in order to validate the connection.
Chapter 6 Wireless EMG5324-D10A User’s Guide 102 6.2.4 WP A(2) Authentication The WPA2 security mode is currently the most robust form of encryption for wireless networks. It requires a RADIUS server to authenticate user cr edentials and is a full implementation the security protocol.
Chapter 6 Wireless EMG5324-D10A User’s Guide 103 The following table describes the labels in this screen. 6.3 The More AP Screen The Device can broadcast up to four wireless ne twork names at the same time. This m eans that users can connect to the Device using different SSIDs.
Chapter 6 Wireless EMG5324-D10A User’s Guide 104 The following table describes the labels in this screen. 6.3.1 Edit More AP Use this screen to edit an SSID profile. Click the Edit icon next to an SSID in the More AP screen. The following screen displays.
Chapter 6 Wireless EMG5324-D10A User’s Guide 105 6.4 The WPS Screen Use this screen to configure WiFi Protected Setup (WPS) on your Device. WPS allows you to quickly set up a wireless network with strong security , without having to configure security settings m anually .
Chapter 6 Wireless EMG5324-D10A User’s Guide 106 Click Network Setting > Wireless > WPS . The following screen displays. Select Enable and click Apply to activate the WPS fun ction.
Chapter 6 Wireless EMG5324-D10A User’s Guide 107 6.5 The WMM Screen Use this screen to enable or disable Wi-Fi Mult iMedia (WMM) wireless networks for multimedia applications. Click Network Setting > Wireless > WMM . The following scree n displays.
Chapter 6 Wireless EMG5324-D10A User’s Guide 108 The following table describes the labels in this screen. 6.6 Scheduling Screen Click Network Setting > Wireless > Scheduling to open the Wireless LAN Scheduling screen. Use this screen to configure when the Devi ce enables or disables the wireless LAN.
Chapter 6 Wireless EMG5324-D10A User’s Guide 109 6.7 The Channel S t atus Screen Use the Channel St atus screen to scan wireless LAN channel noises and view the results. Click Network Setting > Wireless > Channel Status . The screen appears as shown.
Chapter 6 Wireless EMG5324-D10A User’s Guide 11 0 6.8.1 Additional Wireless T erms The following table describes some wireless networ k terms and acronyms used in the Device’s web configurator . 6.8.2 Wireless Security Overview By their nature, radio commun ications are simple to intercept.
Chapter 6 Wireless EMG5324-D10A User’s Guide 111 and does not include real words. For example, if your mother owns a 1970 Dodge Challenger and her favorite movie is V anishing P oint (which y ou know was made in 1971) you could use “70dodchal71vanpoi” as your security key .
Chapter 6 Wireless EMG5324-D10A User’s Guide 11 2 6.8.2.4 Encryption Wireless networks can use encryption to protect th e information that is sent in the wireless network. Encryption is like a secret code. If you do not know the secret code, you cannot understand the message.
Chapter 6 Wireless EMG5324-D10A User’s Guide 11 3 6.8.4 BSS A Basic Service Set (BSS) exists when all communications between wireless stations or between a wireless station and a wired network client go through one access po int (AP). Intra-BS S traffic is tr affic between wireless stations in the BSS.
Chapter 6 Wireless EMG5324-D10A User’s Guide 11 4 6.8.5.1 Push Button Configuration WPS Push Button Configuration (PBC) is initiate d by pressing a button on each WPS-enabled device, and allowing them to connect automatically . Y ou do not need to enter an y information.
Chapter 6 Wireless EMG5324-D10A User’s Guide 11 5 5 If the client device’s configur ation interface has an area for entering another device’s PIN, you can either enter the client’s PIN in the AP , or enter the AP’ s PIN in the client - it does not matter which.
Chapter 6 Wireless EMG5324-D10A User’s Guide 11 6 6.8.5.3 How WPS Works When two WPS-enabled devices connect, each device must assume a specific role. One device acts as the registrar (the device that supplies network and security settings) and the other device acts as the enrolle e (the device that receives network and security settings.
Chapter 6 Wireless EMG5324-D10A User’s Guide 11 7 connections in which it is involved. If you w ant a co nfigured AP to act as an enrollee, you must reset it to its factory defaults. 6.8.5.4 Example WPS Network Setup This section shows how security settings are distributed in an example WPS setup .
Chapter 6 Wireless EMG5324-D10A User’s Guide 11 8 In step 3, you add another access point ( AP2 ) to your network. AP2 is out of range of AP1 , so y ou cannot use AP1 for the WPS handshake with the new access point. However , y ou know that Client 2 supports the registr ar function, so you use it to perf orm the WPS handshake instead.
Chapter 6 Wireless EMG5324-D10A User’s Guide 11 9 • When you use the PBC m ethod, there is a short period (from the moment you press the button on one device to the moment you press the bu tton on the other device) when any WPS-enabled device could join the network.
Chapter 6 Wireless EMG5324-D10A User’s Guide 120.
EMG5324-D10A User’s Guide 121 C HAPTER 7 Home Networking 7.1 Overview A Local Area Network (LAN) is a shared communication system to which many computers are attached. A LAN is usually located in one immediat e area such as a building or floor of a building.
Chapter 7 Home Networki n g EMG5324-D10A User’s Guide 122 Subnet Mask The subnet mask specifies the network number port ion of an IP address. Y our Device will compute the subnet mask automatically based on the IP addr ess that you entered.
Chapter 7 Home Netwo rki ng EMG5324-D10A User’s Guide 123 7.1.2.3 About File Sharing Workgroup name This is the name given to a set of computers th at are connected on a network and share resources such as a printer or files. Windows automatically assigns the workgroup name when you set up a network.
Chapter 7 Home Networki n g EMG5324-D10A User’s Guide 124 Supported OSs Y our oper ating syst em must support T CP/IP ports for printing and be compatible with the RAW (port 9100) protocol. The following OSs support Device’ s printer sharing feature.
Chapter 7 Home Netwo rki ng EMG5324-D10A User’s Guide 125 7.3 The S t atic DHCP Screen This table allows you to assign IP addresses on the LAN to specific individual computers based on their MAC Addresses. Every Ethernet device has a unique MAC (Media Access Control) address.
Chapter 7 Home Networki n g EMG5324-D10A User’s Guide 126 Use this screen to change your Device’ s static DHCP settings. Click Network Setting > Home Networking > Static DHCP to open the following screen. Figure 38 Network Setting > Home Networking > Static DHCP The following table describes the labels in this screen.
Chapter 7 Home Netwo rki ng EMG5324-D10A User’s Guide 127 7.4 The UPnP Screen Universal Plug and Play (UPnP) is a distributed, open networking standard that uses T CP/IP for simple peer-to-peer network connectivit y between devices.
Chapter 7 Home Networki n g EMG5324-D10A User’s Guide 128 The following figure is an overview of th e Device’ s file server featur e. Co mp uter s A and B can access files on a USB device ( C ) which is connected to the Device.
Chapter 7 Home Netwo rki ng EMG5324-D10A User’s Guide 129 Each field is described in the following table. 7.5.2 Add/Edit File Sharing Use this screen to set up a new share or ed it an existing share on the Device. Click Add new share in the File Sharing screen or click the Edit icon next to an existing share.
Chapter 7 Home Networki n g EMG5324-D10A User’s Guide 130 7.6 The Media Server Screen The media server feature lets anyone on you r netw ork play video , music, and ph otos from the USB storage device connected to y our Device (without ha ving to copy them to another computer).
Chapter 7 Home Netwo rki ng EMG5324-D10A User’s Guide 131 7.7 The Printer Server Screen The Device allows you to share a USB printer on your LAN. Y ou can do this by connecting a USB printer to one of the USB ports on the Device and then configuring a TCP/IP port on the computers connected to your network.
Chapter 7 Home Networki n g EMG5324-D10A User’s Guide 132 The following table describes the labels in this menu. 7.8 T echnical Reference This section provides some technical background information about the topics co vered in this chapter .
Chapter 7 Home Netwo rki ng EMG5324-D10A User’s Guide 133 LAN TCP/IP The Device has built-in DHCP server capabilit y that assigns IP addresses and DNS servers to systems that support DHCP client capability .
Chapter 7 Home Networki n g EMG5324-D10A User’s Guide 134 Device Print Server Comp atible USB Printers The following is a list of USB printer models compatible with the Device print serv er .
Chapter 7 Home Netwo rki ng EMG5324-D10A User’s Guide 135 HP Deskjet 1220C HP Deskjet F4185 HP Laserjet 1022 HP Laserjet 1200 HP Laserjet 2200D HP Laserjet 2420 HP Color Laserjet 1500L HP Laserjet 3.
Chapter 7 Home Networki n g EMG5324-D10A User’s Guide 136 7.9 Inst alling UPnP in Windows Example This section shows how to install UPnP in Windows Me and Windows XP . Inst alling UPnP in Windows Me Follow the steps below to install the UPnP in Windows Me.
Chapter 7 Home Netwo rki ng EMG5324-D10A User’s Guide 137 3 In the Communications window, select the Universal Plu g and Play check box in the Components selection box. Figure 49 Add/Remove Progr ams: Windows Setup: Communication: Components 4 Click OK to go back to the Add/Remove Programs Properties window and click Next .
Chapter 7 Home Networki n g EMG5324-D10A User’s Guide 138 4 The Windows Optional Networking Components Wizard window displays. Select Networking Service in the Components selection box and click Details . Figure 51 Windows Optional Networking Components Wizard 5 In the Networking Services window , select the Universal Plug and Play check box.
Chapter 7 Home Netwo rki ng EMG5324-D10A User’s Guide 139 6 Click OK to go back to the Windows Optional Networ king Component Wizard window and click Next . 7.10 Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP .
Chapter 7 Home Networki n g EMG5324-D10A User’s Guide 140 3 In the Internet Connection Properties window , click Settings to see the port mappings there were automatically created.
Chapter 7 Home Netwo rki ng EMG5324-D10A User’s Guide 141 4 Y ou may edit or delete the port mappings or click Add to manually add port mappings. Figure 55 Internet Connection Properties: Advanced S.
Chapter 7 Home Networki n g EMG5324-D10A User’s Guide 142 6 Select Show icon in n otification area wh en connected option and click OK . An icon displays in the system tray . Figure 57 Sy st em T ray Ic o n 7 Double-click on the icon to display your cur rent Internet connection status.
Chapter 7 Home Netwo rki ng EMG5324-D10A User’s Guide 143 3 Select My Network Places und er Other Places . Figure 59 Network Connections 4 An icon with the description for each UPnP-enabled device displays under Local Network .
Chapter 7 Home Networki n g EMG5324-D10A User’s Guide 144 5 Right-click on the icon for y our Device and select Invoke . The web configurator login screen displays. Figure 60 Network Connections: My Network Places 6 Right-click on the icon for y our Device and select Prope rties .
EMG5324-D10A User’s Guide 145 C HAPTER 8 Routing 8.1 Overview The Device usually uses the default gatew ay to route outbound tr affic from computers on the LAN to the Internet. T o have the Device send data to devices not reachable through the default gateway , use static routes.
Chapter 8 Routing EMG5324-D10A User’s Guide 146 8.2 Configuring S t atic Route Use this screen to view and configure IP static routes on the Device. Click Network Setting > Static Route to open the following screen. Figure 63 Network Setting > Static Route The following table describes the labels in this screen.
Chapter 8 Routing EMG5324-D10A User’s Guide 147 8.2.1 Add/Edit S t atic Route Click add new Static Route in the Routing screen or click the Edit icon next to a rule. The following screen appears. Use this screen to config ure the required information for a static route.
Chapter 8 Routing EMG5324-D10A User’s Guide 148.
EMG5324-D10A User’s Guide 149 C HAPTER 9 Quality of Service (QoS) 9.1 Overview This chapter discusses the Device’ s QoS screens. Use these screens to set up your Device to use QoS for tr affic management.
Chapter 9 Quality of Service (QoS) EMG5324-D10A User’s Guide 150 QoS versus C os QoS is used to prioritize source-to-destination traffic flows. All pack ets in the same flow are given the same priority .
Chapter 9 Quality of Service (QoS) EMG5324-D10A User’s Guide 151 The following table describes the labels in this screen. 9.3 The Queue Setup Screen Use this screen to configure QoS queue assignment. Click Network Setting > QoS > Queue Setup to open the screen as shown next.
Chapter 9 Quality of Service (QoS) EMG5324-D10A User’s Guide 152 The following table describes the labels in this screen. 9.3.1 Add/Edit a QoS Queue Use this screen to configure a queue. Click Add new queue in the Queue Setup screen or the Edit icon next to an existing queue.
Chapter 9 Quality of Service (QoS) EMG5324-D10A User’s Guide 153 9.4 The Class Setup Screen Use this screen to add, edit or delete QoS classifi ers. A classifier groups tr affic into data flows according to specific criteria such as the source address, destination address, source port number , destination port number or incoming interface.
Chapter 9 Quality of Service (QoS) EMG5324-D10A User’s Guide 154 The following table describes the labels in this screen. T able 36 Network Setting > QoS > Class Setup LABEL DESCRIPTION Add new Class ifier Click this to create a new classifie r .
Chapter 9 Quality of Service (QoS) EMG5324-D10A User’s Guide 155 9.4.1 Add/Edit QoS Class Click Add new Classifier in the Class Setup screen or the Edit icon next to an existing classifier to configure it. Figure 69 Class Setup: Add/Edit The following table describes the labels in this screen.
Chapter 9 Quality of Service (QoS) EMG5324-D10A User’s Guide 156 Class Nam e Enter a descriptive name of up to 32 prin table English keyboard char acters, including spaces. Classification Order Select an exi sting number for wh ere you w ant to put this cl assifier to move the classifier to the number y ou selected after clicking Apply .
Chapter 9 Quality of Service (QoS) EMG5324-D10A User’s Guide 157 IP Address If you select IP in t h e Ether Type field, sel ec t the check box and enter the sour ce IP address in dotted decimal notation. A blank sour ce IP address means a ny source IP address.
Chapter 9 Quality of Service (QoS) EMG5324-D10A User’s Guide 158 9.5 The QoS Monitor Screen T o view the Device’s QoS pack et statistics, click Network Setting > QoS > Monitor . The screen appears as shown. Figure 70 Network Setting > QoS > Monitor TCP A CK This field is av ailable only when y ou select IP in the Ether Type field.
Chapter 9 Quality of Service (QoS) EMG5324-D10A User’s Guide 159 The following table describes the labels in this screen. 9.6 QoS T echnical Reference This section provides some technical background information about the topics co vered in this chapter .
Chapter 9 Quality of Service (QoS) EMG5324-D10A User’s Guide 160 9.6.2 IP Precedence Similar to IEEE 802.1p prioritization at layer-2, you can use IP precedence to prioritize packets in a layer-3 network. IP precedence uses three bits of the eight-bit T oS (T ype of Service) field in the IP header .
EMG5324-D10A User’s Guide 161 C HAPTER 10 Network Address Translation (NAT) 10.1 Overview NA T (Network Ad dress T ranslation - NA T , RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another netw ork.
Chapter 10 Network Address Translation (NAT) EMG5324-D10A User’s Guide 162 Port Forwarding A port forwarding set is a list of inside (behind NA T on the LAN) servers, for example, web or F TP , that you can make visible to the o utside world even though NA T makes your whole inside network appear as a single computer to the outside world.
Chapter 10 Network Address Translation (NAT) EMG5324-D10A User’s Guide 163 10.2.1 The Port Forwarding Screen Click Network Setting > NAT to open the Port Forwarding screen. See Appendix E on page 353 for port numbers commonly used for particular services.
Chapter 10 Network Address Translation (NAT) EMG5324-D10A User’s Guide 164 10.2.2 The Port Forwarding Edit Screen This screen lets you create or edit a port forwarding rule. Click Add new rule in the Port Forwarding screen or the Edit icon next to an existing rule to open the following screen.
Chapter 10 Network Address Translation (NAT) EMG5324-D10A User’s Guide 165 10.3 The DMZ Screen In addition to the servers for specified services, NA T supports a default server IP address. A default server receives pack ets from ports that are not specified in the NAT Port Forwarding Setup screen.
Chapter 10 Network Address Translation (NAT) EMG5324-D10A User’s Guide 166 The following table describes the fields in this screen. 10.5 The Address Mapping Screen Ordering your rules is important because the Device applies the rules in the order that you specify .
Chapter 10 Network Address Translation (NAT) EMG5324-D10A User’s Guide 167 10.5.1 Add/Edit Address Mapping Rule T o add or edit an address mapping rule, click Add new rule or the rule’s edit icon in the Address Mapping screen to display the screen shown next.
Chapter 10 Network Address Translation (NAT) EMG5324-D10A User’s Guide 168 10.6 The ALG Screen Some NA T route rs may include a SIP Application Lay er Gateway (ALG ). A SIP ALG allows SIP calls to pass through NA T by examining and translatin g IP addresses embedded in the data stream.
Chapter 10 Network Address Translation (NAT) EMG5324-D10A User’s Guide 169 Global/local denotes the IP address of a host in a packet as th e packet tra verses a router , for example, the local addre.
Chapter 10 Network Address Translation (NAT) EMG5324-D10A User’s Guide 170 Device keeps track of the original addresses and port numbers so incoming reply packets can have their original values restored. The following figure illustrates this. Figure 79 How NA T W orks 192.
EMG5324-D10A User’s Guide 171 C HAPTER 11 DNS Route 1 1.1 Overview DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because without it, y ou must know the IP address of a machine before you can access it.
Chapter 11 DNS Route EMG5324-D10A User’s Guide 172 1 1.2 The DNS Route Screen The DNS Route screens let you view and configure DNS routes on the Device. C lick Network Setting > DNS Route to open the DNS Route screen. Figure 81 Network Setting > DNS Route The following table describes the labels in this screen.
Chapter 11 DNS Route EMG5324-D10A User’s Guide 173 The following table describes the labels in this screen. T able 49 DNS Route: Add/Edit LABEL DESCRIPTION Active Sel ect this to activ ate this D NS route. Domain Nam e Enter the domain name you want to resolve.
Chapter 11 DNS Route EMG5324-D10A User’s Guide 174.
EMG5324-D10A User’s Guide 175 C HAPTER 12 Interface Group 12.1 Overview By default, all LAN and W AN interfaces on the De vice are in the same group and can communicate with each other . Create interface groups to have the Device assign the IP addr esses in different domains to different groups.
Chapter 12 Interface Group EMG5324-D10A User’s Guide 176 12.2.1 Interface Group Configuration Click the Add New Interface Group button in the Interface Group screen to open the following screen. Use this screen to create a new interface group. Note: An in te rface can bel o n g to only one group at a time.
EMG5324-D10A User’s Guide 177 C HAPTER 13 Firewall 13.1 Overview Use the Device firewall screens to enable and configure the firew all that protects your Device and network from attacks by hackers on the Internet and control access to it.
Chapter 13 Firewall EMG5324-D10A User’s Guide 178 13.1.2 What Y ou Need to Know Firewall The Device’ s firewall feature ph ysically separ ates the LAN/WLAN and the W AN and acts as a secure gateway for all data passing between the networks. It is designed to protect against Denial of Se rvice (DoS) attacks when activated.
Chapter 13 Firewall EMG5324-D10A User’s Guide 179 Click Security > Firewall to display the General screen. Figure 86 Security > Firewall > General The following table describes the labels in this screen. 13.3 The Services Screen Y ou can configure customized services and port numbers in the Service screen.
Chapter 13 Firewall EMG5324-D10A User’s Guide 180 Click Security > Firewall > Service to display the following screen. Figure 87 Security > Firewall > Services Each field is described in the following table.
Chapter 13 Firewall EMG5324-D10A User’s Guide 181 13.4 The Access Control Screen Click Security > Firewall > Access Control to display the following screen.
Chapter 13 Firewall EMG5324-D10A User’s Guide 182 13.4.1 Add/Edit an ACL Rule Click Add new ACL rule or the Edit icon next to an existing ACL rule in the Access Cont rol screen. The following screen displays. Figure 90 Access Control: Add/Edi t The following table describes the labels in this screen.
Chapter 13 Firewall EMG5324-D10A User’s Guide 183 13.5 The DoS Screen DoS (Denial of Service) attacks can flood y our Internet connection with inv alid packets and connection requests, using so much bandwidth and so many resources that Internet access becomes unav ailable.
Chapter 13 Firewall EMG5324-D10A User’s Guide 184 13.6.1 Guidelines For Enhancin g Security W ith Y our Firewall 1 Change the defau lt password via web co nfigurator . 2 Think about access control before you connect to the network in any way . 3 Limit who can access your Device.
EMG5324-D10A User’s Guide 185 C HAPTER 14 MAC Filter 14.1 Overview This chapter discusses MAC address filtering. Y ou can configure the Device to permit access to clients based on their MAC addresses in the MAC Filter screen. This applies to wired and wireless connections.
Chapter 14 MAC Filter EMG5324-D10A User’s Guide 186 The following table describes the labels in this menu. T able 58 Security > MAC Filter LABEL DESCRIPTION MAC Address Filter Select Enable to activ ate MAC address filtering. Set This is the index number of the MAC address.
EMG5324-D10A User’s Guide 187 C HAPTER 15 Parental Control 15.1 Overview Parental control allows you to block web sites with the specific URL. Y ou can also define time periods and da ys during which the Devi ce pe rforms parental control on a specific user .
Chapter 15 Parental Cont ro l EMG5324-D10A User’s Guide 188 15.2.1 Add/Edit a Parent al Control Rule Click Add new PCP in the Parental Control screen to add a new rule or click the Edit icon next to an existing rule to edit it.
Chapter 15 Parental Control EMG5324-D10A User’s Guide 189 Par en ta l Control Pr o fi le Name Enter a descriptive name for the rule. Home Networ k User Select the LAN user th at you w ant to apply t his rule to from the drop-down list box . If you select Custom , enter the L AN user’s MAC address.
Chapter 15 Parental Cont ro l EMG5324-D10A User’s Guide 190.
EMG5324-D10A User’s Guide 191 C HAPTER 16 Certificates 16.1 Overview The Device can use certificates (also called digital ID s) to authenticate users. Certificates are based on public-priv ate key pairs. A certificate contains the certificate owner ’s identity and public k ey .
Chapter 16 Certificates EMG5324-D10A User’s Guide 192 The Device uses ce rtificates based on public-key cryptology to authenticate users attempting to establish a connection. The method used to secure the data that y ou send through an established connection depends on the type of connection.
Chapter 16 Certificates EMG5324-D10A User’s Guide 193 Y ou can use a certificate’s fingerprint to verify it . A certificate’ s fingerprint is a message digest calculated using the MD5 or SHA1 algorithms. The following procedure describes how to check a certificate’ s fingerprint to v erify that you hav e the actual certificate.
Chapter 16 Certificates EMG5324-D10A User’s Guide 194 • SIP TLS - This certificate secures V oIP connections. • SSH/SCP/SFTP - This certificate secures remote connections.
Chapter 16 Certificates EMG5324-D10A User’s Guide 195 16.3 T rusted CA Use this screen to view a summary list of certificat es of the certification authorities that y ou have set the Device to accept as trusted.
Chapter 16 Certificates EMG5324-D10A User’s Guide 196 Note: Y ou must remove any spaces from t he certificat e’ s filename before you can import the certificate. Figure 99 T rusted CA > Import The following table describes the labels in this screen.
Chapter 16 Certificates EMG5324-D10A User’s Guide 197 Click Security > Cert ificates > Trusted CA to open the Trusted CA screen. Click the View icon to open the View Certificate screen. Figure 100 Tr u s t e d C A : V i e w The following table describes the labels in this screen.
Chapter 16 Certificates EMG5324-D10A User’s Guide 198 The following table describes the labels in this screen. 16.6.1 Import Certificate Click Import Certificate in the VPN Certificates screen to op en th e Im port Certificate scree n. Y ou can save a trusted certification authority’ s certificate to the Device.
Chapter 16 Certificates EMG5324-D10A User’s Guide 199 Figure 102 Security > Certificates > VPN Certificates The following table describes the labels in this screen.
Chapter 16 Certificates EMG5324-D10A User’s Guide 200.
EMG5324-D10A User’s Guide 201 C HAPTER 17 VPN 17.1 Overview A virtual private network (VPN) provides secure communications between sites without the expense of leased site-to-site lines. A secure VPN is a co mbination of tunneling, encryption, authentication, access control and auditing.
Chapter 17 VPN EMG5324-D10A User’s Guide 202 the Device and remote IPSec router can send data between computers on the local network and remote network. The followi ng figure illustrates this. Figure 104 VPN: IKE SA and IPSec SA In this example, a compute r in network A is exchanging data with a computer in network B .
Chapter 17 VPN EMG5324-D10A User’s Guide 203 The Secure Gateway IP Address ma y be configured as 0.0.0.0 only when using IKE key management and not Manual key manageme nt. Finding Out More See Section 17.6 on page 210 for advanced technical information on IPSec VPN.
Chapter 17 VPN EMG5324-D10A User’s Guide 204 The following table describes the fields in this screen. T able 67 Security > VPN > Setup LABEL DESCRIPTION Add New T unnel Click this button to se t u p VPN policies for a new tunnel # This is the VPN policy index nu mber .
Chapter 17 VPN EMG5324-D10A User’s Guide 205 17.3 The VPN Edit Screen Click on Add New Tunnel in the VPN Setup screen or click on the Edit icon to edit VPN policies. Both commands share the same screen. Figure 107 Security > VPN > Setup > Edit The following table describes the fields in this screen.
Chapter 17 VPN EMG5324-D10A User’s Guide 206 Local Specify the IP addresses of the devices behind t he Device that c an use the VPN tunnel. The local IP addres ses must corres pond to the remote IPSec ro uter's configured remote IP addresses. T wo active SAs cannot have the l ocal and remote IP address(es) both the s ame.
Chapter 17 VPN EMG5324-D10A User’s Guide 207 Content Whe n you select IP in the Loca l ID Type field, type the IP a ddress of your computer in the loc a l Content field. The Device automaticall y use s the IP address in th e My IP Address field (refer to the My IP Address fi eld description ) if you conf igure the loc al Content field to 0.
Chapter 17 VPN EMG5324-D10A User’s Guide 208 17.4 Configuring Advanced Settings Click Advanced Setup in the VPN Setup-Edit screen to open this screen. Figure 108 Security > VPN > Setup > Edit > Advanced Setup The following table describes the fields in this screen.
Chapter 17 VPN EMG5324-D10A User’s Guide 209 Authentica tion Algori thm Select MD5 , SHA1 , SHA2-256 or SHA2-512 from the drop-down list bo x. MD5 (Message Digest 5) and SHA1 (Secu re Hash Algorithm) and SHA2 are hash algorithms used to authen ticate packet data.
Chapter 17 VPN EMG5324-D10A User’s Guide 210 17.5 V iewing SA Monitor Click Security > VPN > Monitor to open the screen as shown. Use this screen to display and manage active VPN connections. A Security Association (SA) is the group of security settings related to a specific VPN tunnel.
Chapter 17 VPN EMG5324-D10A User’s Guide 21 1 17.6.1 IPSec Architecture The over all IPSec architecture is shown as follows. Figure 1 10 IPSec Architecture IPSec Algorithms The ESP (Encapsulating Se.
Chapter 17 VPN EMG5324-D10A User’s Guide 212 incoming packet by computing its own hash value, and complain that the hash value appended to the received packet doesn't match. The VPN devi ce at the receiving end doesn't know about the NA T in the middle, so it assumes that the data has been maliciously altered.
Chapter 17 VPN EMG5324-D10A User’s Guide 213 • Use ESP security protocol (in either tr ansport or tunnel mode). •U s e I K E k e y i n g m o d e . • Enable NA T trav ersal on both IPSec endpoints. • Set the NA T router to forward UDP port 500 to IPSec router A .
Chapter 17 VPN EMG5324-D10A User’s Guide 214 17.6.5 IKE Phases There are two phases to every IKE (Internet Ke y E xchange) negotiation – ph ase 1 (Authentication) and phase 2 (K ey Exchange). A phase 1 exchange establishes an IKE SA and the second one uses that SA to negotiate S As for IPSec.
Chapter 17 VPN EMG5324-D10A User’s Guide 215 17.6.6 Negotiation Mode The phase 1 Negotiation Mode you select determines how the Security Association (S A) will be established for each connection through IKE negotiations. • Main Mode ensures the highest level of security when the communicating parties are negotiating authentication (phase 1).
Chapter 17 VPN EMG5324-D10A User’s Guide 216 17.6.8 ID T ype and Content With aggressive negotiation mode (see Section 17.6.6 on page 2 15 ), the Device identifies incoming SAs by ID type and content since this identifyin g information is not encrypted.
Chapter 17 VPN EMG5324-D10A User’s Guide 217 The two Devices in this example can complete negotiation and establish a VPN tunnel. The two Devices in this example cannot comp lete their negotiation because Device B’ s Local ID type is IP , but Device A ’ s Peer ID type is set to E-mail .
Chapter 17 VPN EMG5324-D10A User’s Guide 218 addresses of their IPSec routers. The telecommuters must all use the same IPSec par ameters but the local IP addresses (or ranges of addresses) should not o verlap. Figure 1 15 T ele commuters Sharing One VPN Rule Example 17.
Chapter 17 VPN EMG5324-D10A User’s Guide 219 The Device at headquarters can also initiate VPN connections to the telecommuters since it can find the telecommuters by resolving their domain names.
Chapter 17 VPN EMG5324-D10A User’s Guide 220.
EMG5324-D10A User’s Guide 221 C HAPTER 18 VoIP 18.1 Overview Use this chapter to: • Connect an analog phone to the Device. • Make phone calls over the Internet, as well as the regular phone network. • Configure settings such as speed dial. • Configure network settings to optimize the voice quality of your phone calls.
Chapter 18 VoIP EMG5324-D10A User’s Guide 222 SIP SIP stands for Session Initiation Protocol. SIP is a signalling standard that lets one network device (like a computer or the Device) send messages to another . In V oIP , these messages are about phone calls over the network.
Chapter 18 VoIP EMG5324-D10A User’s Guide 223 • Y ou should have the information you r V oIP service provider gave y ou ready , before you start to configure the Device. 18.2 The SIP Service Provider Screen Use this screen to configure the SIP server inform ation, QoS for V oIP calls, the numbers for certain phone functions and dialing plan.
Chapter 18 VoIP EMG5324-D10A User’s Guide 224 The following table describes the labels in this screen. T able 79 VoIP > SIP > SIP Service Prov ider LABEL DESCRIPTION SIP Service Pro vider Selection Servi ce Provider Selecti on Select the SIP service pro vider profile you want to use for the SIP ac count you configu re in this screen.
Chapter 18 VoIP EMG5324-D10A User’s Guide 225 RTP P ort R ange Start P ort End P ort Enter the listening port number(s) for RT P traffic, if y our V oIP service provider gave y ou this information. Otherwise, keep the default values. T o enter one port number , en ter the port number in the Start Port and End Port fiel ds.
Chapter 18 VoIP EMG5324-D10A User’s Guide 226 18.3 The SIP Account Screen The Device uses a SIP account to make outgoing V oIP calls and check if an incoming call’ s destination number matches you r SIP account’s SIP number . In order to mak e or receive a V oIP call, you need to enable and configure a SIP account, and map it to a phone port.
Chapter 18 VoIP EMG5324-D10A User’s Guide 227 18.3.1 Add/Edit SIP Account Y ou can configure a new SIP account or edit one. T o access this screen, click Add new SIP Account in the SIP Account screen or Edit icon next to an existing account. Figure 1 19 SIP Account : Add /Edit Each field is described in the following table.
Chapter 18 VoIP EMG5324-D10A User’s Guide 228 SIP Acc ount Selecti on This shows the SIP account you are confi guring. Gener al SIP Acco unt Select the Active SIP Account ch ec k bo x if yo u w a nt to u se t hi s ac c ou n t. C le a r i t i f yo u d o not want to use this account.
Chapter 18 VoIP EMG5324-D10A User’s Guide 229 18.4 Multiple SIP Account s Y ou can set up two SIP accounts on your Device and your Device is equipped with two phone ports. By default, SIP1 of the Device maps to phone po rt 1 for incoming and outgoing, and SIP2 map s to phone port 2 for incoming and outgoing.
Chapter 18 VoIP EMG5324-D10A User’s Guide 230 18.5 Phone Screen Use this screen to control which SIP accounts and PSTN line each phone uses. Click VoIP > Phone to access the Pho ne Device sc reen. Figure 120 V oIP > Phone > Phone Device The following table describes the labels in this screen.
Chapter 18 VoIP EMG5324-D10A User’s Guide 231 The following table describes the labels in this screen. 18.6 The Phone Region Screen Use this screen to maintain settings that depend on which region of the world the Device is in. T o access this screen, click VoIP > Phone > Region .
Chapter 18 VoIP EMG5324-D10A User’s Guide 232 18.7 The Call Rule Screen Use this screen to add, edit, or remove speed-dial numbers for outgoing calls. Speed dial provides shortcuts for dialing frequently-used (V oIP) phone numbers. Y ou also have to create speed-dial entries if you want to call SIP numbers that contai n letters.
Chapter 18 VoIP EMG5324-D10A User’s Guide 233 18.8 T echnical Reference This section contains background material relev ant to the VoIP screens. 18.8.
Chapter 18 VoIP EMG5324-D10A User’s Guide 234 SIP Service Domain The SIP service domain of the V oIP service provider is the domain name in a SIP URI. For example, if the SIP address is 1122334455@V oIP-provider .com , then “V oIP-provider .com” is the SIP service domain.
Chapter 18 VoIP EMG5324-D10A User’s Guide 235 either A or B can act as a SIP user agent client to initiate a call. A and B can also both act as a SI P user agent to receive the call. Figure 124 SIP User Agent SIP Proxy Server A SIP proxy server receiv es requests from clients and forw ards them to another server .
Chapter 18 VoIP EMG5324-D10A User’s Guide 236 1 Client device A sends a call invitation for C to the SIP redirect serv er B . 2 The SIP redirect server sends the invitation back to A with C ’s IP address (or domain name). 3 Client device A then sends the call invitation to client device C .
Chapter 18 VoIP EMG5324-D10A User’s Guide 237 1 A sends a SIP INVITE request to B . This message is an invitation for B to participate in a SIP telephone call. 2 B sends a response indicating that the telephone is ringing. 3 B sends an OK response after the call is answered.
Chapter 18 VoIP EMG5324-D10A User’s Guide 238 MWI (Message W aiting Indication) Enable Message W aiting Indication (MWI) enable s your phone to give you a message–waiting (beeping) dial tone when you hav e a voice message (s).
Chapter 18 VoIP EMG5324-D10A User’s Guide 239 VLAN T agging Virtual Local Area Network (VLAN) allows a physical network to be partitioned into multiple logical networks. Only stations within the same group can communicate with each other . Y our Device can add IEEE 802.
Chapter 18 VoIP EMG5324-D10A User’s Guide 240 After pressing the flash key , if you do not issue the sub-command before the default sub-command time-out (2 seconds) expires or issue an inva lid sub-command, the current operation will be aborted. European Call Hold Call hold allows you to put a call ( A ) on hold by pressing the f lash key .
Chapter 18 VoIP EMG5324-D10A User’s Guide 241 European Call T ransfer Do the following to transfer a call (that you have answered) to another phone number . 1 Press the flash key to put the caller on hold. 2 When you hear the dial tone, dial “*98#” followed by the number to which y ou want to tr ansfer the call.
Chapter 18 VoIP EMG5324-D10A User’s Guide 242.
EMG5324-D10A User’s Guide 243 C HAPTER 19 Logs 19.1 Overview The web configurator allows you to choose which ca tegories of events and/or alerts to have the Device log and then display the logs or hav e the Device send them to an administr ator (as e-mail) or to a syslog server .
Chapter 19 Logs EMG5324-D10A User’s Guide 244 19.2 The System Log Screen Click System Monitor > Log to open the System L og screen. Use the System Log screen to see the system logs for the categories that y ou select in the upper le ft drop-do wn list box.
Chapter 19 Logs EMG5324-D10A User’s Guide 245 19.3 The Phone Log Screen Click System Monitor > Log to open the Phone Log screen. Use this screen to view phone logs and alert messages. Y ou can select the type of log and level of severity to displa y .
Chapter 19 Logs EMG5324-D10A User’s Guide 246 The following table describes the fields in this screen. T able 91 System Monitor > Log > VoIP Call History LABEL DESCRIPTION Select a category of call records to vi ew from the drop-down list box.
EMG5324-D10A User’s Guide 247 C HAPTER 20 Traffic Status 20.1 Overview Use the Traffic Status screens to look at network tr affic status and statistics of the W AN, LAN interfaces and NA T . 20.1.1 What Y ou Can Do in this Chapter •U s e t h e WAN screen to view the WAN tr affic statistics ( Section 20.
Chapter 20 Traffic Status EMG5324-D10A User’s Guide 248 20.3 The LAN S t atus Screen Click System Monitor > Tr affic Status > LAN to open the fol lowing screen. Y ou can view the LAN traffic statistics in this screen. Figure 132 System Monitor > T raffic Status > LAN The following table describes the fields in this screen.
Chapter 20 T raffic Status EMG5324-D10A User’s Guide 249 20.4 The NA T St atus Screen Click System Monitor > Traffic Status > NAT to open the following screen.
Chapter 20 Traffic Status EMG5324-D10A User’s Guide 250 20.5 The 3G Backup S t atus Screen Click System Monitor > Traffic Status > 3G Backup to open the following screen.
Chapter 20 T raffic Status EMG5324-D10A User’s Guide 251 20.6 The V oIP St atus Screen Click System Monitor > VoIP St atus to open the following screen. Y ou can view the V oIP traffic statistics in this screen. Figure 135 System Monitor > V oIP Status The following table describes the fields in this screen.
Chapter 20 Traffic Status EMG5324-D10A User’s Guide 252 Status This field displa ys the current s tate of the phone call. Idle - There are no current V oIP call s, incoming calls or out going calls being made. Dial - The callee’s phone is ringing.
EMG5324-D10A User’s Guide 253 C HAPTER 21 User Account 21.1 Overview Y ou can configure system password for different user accounts in the User Account screen. 21.2 The User Account Screen Use the User Account screen to configure system password. Click Maintenance > User Account to open the following screen.
Chapter 21 User Account EMG5324-D10A User’s Guide 254.
EMG5324-D10A User’s Guide 255 C HAPTER 22 Remote MGMT 22.1 Overview Remote MGMT allows you to manage your D evice from a remote location through the following interfaces: •L A N a n d W L A N •W A N o n l y Note: The Device is managed using the web configurator .
Chapter 22 Remote MGMT EMG5324-D10A User’s Guide 256 22.2 The Remote MGMT Screen Use this screen to decide what services you may use to access which Device interface. Click Maintenance > Remote MGMT to open the following screen. Figure 137 Maintenance > R emote MGMT The following table describes the fields in this screen.
EMG5324-D10A User’s Guide 257 C HAPTER 23 The SNMP Screen Simple Network Management Protocol is a protocol used for exchanging management information between network devices. Y our Device supports SN MP agent functionality , which allows a manager station to manage and monitor the Device through the network.
Chapter 23 The SNMP Screen EMG5324-D10A User’s Guide 258 • GetNext - Allows the manager to retrieve the next object v ariable from a table or list within an agent. In SNMPv1, when a manager w ants to retrieve all elements of a table from an agent, it initiates a Get operation, followed by a series of GetNext oper ations.
EMG5324-D10A User’s Guide 259 C HAPTER 24 System 24.1 Overview Y ou can configure system settings, including the host name, domain name and the inactivity time- out interval in th e System screen. 24.1.1 What Y ou Need to Know The following terms and concepts may help as you read this chapter .
Chapter 24 System EMG5324-D10A User’s Guide 260 The following table describes the labels in this screen. T able 100 Maintenance > System LABEL DESCRIPTION Host Name Choose a descriptive name for identification purposes. It is recommended you enter your computer’s “Computer name” in this field.
EMG5324-D10A User’s Guide 261 C HAPTER 25 Time Setting 25.1 Overview Y ou can configure the system’s time and date in th e Time Setting screen. 25.2 The T ime Setting Screen T o change your Device’ s time and date, click Maintenance > Time . The screen appears as shown.
Chapter 25 Time Setting EMG5324-D10A User’s Guide 262 Daylight Savi ngs Daylight savi ng is a period from late spring to early fall when many co untries set thei r clocks ahead of norm al local time by one hou r to give more day time light i n the evening.
EMG5324-D10A User’s Guide 263 C HAPTER 26 Log Setting 26.1 Overview Y ou can configure where the Device sends logs and which logs and/or immediate alerts the Device records in the Log Setting screen. 26.2 The Log Setting Screen T o change your Device’ s log settings, click Maintenance > Log Setting .
Chapter 26 Log Setting EMG5324-D10A User’s Guide 264 The following table describes the fields in this screen. T able 102 Maintenance > Log Setting LABEL DESCRIPTION Syslog Se tt ing Syslog Logging The Device sends a log to an exte rnal syslog server .
EMG5324-D10A User’s Guide 265 C HAPTER 27 Firmware Upgrade 27.1 Overview This chapter explains how to upload new firm w are to your Device. Y ou can download new firmware releases from your nearest Z yXEL F TP site (or www.zyx el.com) to use to upgr ade your device’ s performance.
Chapter 27 Firmware Upgrade EMG5324-D10A User’s Guide 266 After you see the firmware updating screen, w ait a few minutes before lo gging into the Device again. Figure 144 Firmware Uploading The Device automatically restarts in this time causing a temporary network disconnect.
EMG5324-D10A User’s Guide 267 C HAPTER 28 Backup/Restore 28.1 Overview The Backup/Restore screen allows y ou to backup and restore device configur ations. Y ou can also reset your device settings back to the factory default. 28.2 The Backup/Restore Screen Click Maintenance > Backup/Restore .
Chapter 28 Backup/Res to re EMG5324-D10A User’s Guide 268 Restore Configuration R estore Configuration allows y ou to upload a new or previously sa ved configur ation file from your computer to your Device. Do not turn off the Device while confi guration file upload is in progress.
Chapter 28 Backup/Restore EMG5324-D10A User’s Guide 269 Reset to Factory Default s Click the Reset button to clear all user-entered configur ation information and return the Device to its factory defaults.
Chapter 28 Backup/Res to re EMG5324-D10A User’s Guide 270.
EMG5324-D10A User’s Guide 271 C HAPTER 29 Diagnostic 29.1 Overview Y ou can use different diagnostic methods to test a connection and see the detailed information. These read-only screens display information to help you identify problems with the Device.
Chapter 29 Diagnostic EMG5324-D10A User’s Guide 272 29.3 The DSL Line Screen Click Maintenance > Diagnostic > DSL Li ne to open the screen shown next. Figure 152 Maintenance > Diagnostic > DSL Line The following table describes the fields in this screen.
EMG5324-D10A User’s Guide 273 C HAPTER 30 Troubleshooting 30.1 Overview This chapter offers some suggestions to solve problems you might encounter . The potential problems are divided into the following categories.
Chapter 30 Troubleshoo ting EMG5324-D10A User’s Guide 274 3 Inspect your cables for damage. Contact the vendor to replace any damaged cables. 4 T urn the Device off and on. 5 If the problem continues, contact the v endor . 30.3 Device Access and Login I forgot the IP address for the Device.
Chapter 30 Troubleshooting EMG5324-D10A User’s Guide 275 4 R eset the device to its factory defaults, and try to access the Device with the default IP address. See Section 1.7 on page 22 . 5 If the problem continues, contact the network admi nistrator or vendor , or try one of the advanced suggestions.
Chapter 30 Troubleshoo ting EMG5324-D10A User’s Guide 276 30.4 Internet Access I cannot access the In ter net . 1 Check the hardware connections, and make sure th e LEDs are behaving as expected. See the Quick Start Guide and Section 1.6 on page 20 .
Chapter 30 Troubleshooting EMG5324-D10A User’s Guide 277 3 If the problem continues, contact yo ur ISP . The Internet connection is slow or intermittent. 1 There might be a lot of traffic on the network. Look at the LEDs, and check Section 1.6 on page 20 .
Chapter 30 Troubleshoo ting EMG5324-D10A User’s Guide 278 What wireless securit y modes does my Device support ? Wireless security is vital to your network.
Chapter 30 Troubleshooting EMG5324-D10A User’s Guide 279 30.7 USB Device Connection The Device fails to detect m y USB device. 1 Disconnect the USB device. 2 R eboot the Device. 3 If you are connecting a USB hard driv e that comes with an external power supply , make sure it is connected to an appropriate power source that is on.
Chapter 30 Troubleshoo ting EMG5324-D10A User’s Guide 280.
EMG5324-D10A User’s Guide 281 C HAPTER 31 Wall-mounting Instructions Do the following to hang your Device on a wall. Note: See T able 155 on page 282 for the si ze of sc rews to use and how far apart to pl ace them. 1 Align the holes on the back of the supplied wall- mounting brack et with the screws.
Chapter 31 Wall-moun ti n g In stru ct io ns EMG5324-D10A User’s Guide 282 5 Mount the Device on the wall-mounting br acket, which is already installed on the wall. Mak e sure that the Device is firmly attached to the br acket so it does not fall off .
EMG5324-D10A User’s Guide 283 A PPENDIX A IP Addresses and Subnetting This appendix introduces IP addresses a nd subnet masks. IP addresses identify individual devices on a netw ork. Every networking device (such as computers, servers, routers, and printers) needs an IP a ddress to communicate across the network.
Appendix A I P Addresses and Subnetting EMG5324-D10A User’s Guide 284 The following figure shows an example IP address in which the first three octets (192.
Appendix A IP Addresses and Subnetting EMG5324-D10A User’s Guide 285 Subnet masks can be referred to by the size of th e network number part (the bits with a “1” v alue). For example, an “8-bit mask” means that the first 8 bits of the mask are ones and the remaining 24 bits are zeroes.
Appendix A I P Addresses and Subnetting EMG5324-D10A User’s Guide 286 The following table shows some possible subnet masks using both notations. Subnetting Y ou can use subnet ting to divide one network into multiple sub-networks.
Appendix A IP Addresses and Subnetting EMG5324-D10A User’s Guide 287 The following figure shows the company netw ork after subnetting . There are now two sub- networks, A and B .
Appendix A I P Addresses and Subnetting EMG5324-D10A User’s Guide 288 Example: Eight Subnet s Similarly , use a 27-bit mask to create eight subn ets (000, 001, 010, 011, 100, 101, 110 and 111). Subnet Address: 192.168.1.0 Lowest Hos t ID: 192.168.1.
Appendix A IP Addresses and Subnetting EMG5324-D10A User’s Guide 289 The following table shows IP address last octet values for each subnet. Subnet Planning The following table is a summary fo r subnet planni ng on a network with a 24-bit network number .
Appendix A I P Addresses and Subnetting EMG5324-D10A User’s Guide 290 Configuring IP Addresses Where you obtain your n etwork number depends on your particular situation. If the ISP or your network administrator assigns y ou a block of regist ered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask.
Appendix A IP Addresses and Subnetting EMG5324-D10A User’s Guide 291 IP Address Conflict s Each device on a network must have a unique IP address. Devices with duplicate IP addresses on the same network will not be able to access the Internet or other resources.
Appendix A I P Addresses and Subnetting EMG5324-D10A User’s Guide 292 Conflicting Computer and R outer IP Addresses Example More than one device can not use the same IP addr ess. In the following examp le, the computer and the router’s LAN port both use 192.
EMG5324-D10A User’s Guide 293 A PPENDIX B Setting Up Y our Computer ’ s IP Address Note: Y our specific Device may not support all of t he oper ating systems described in this appendix. See the product specifications for more information about which operating systems are sup ported.
Appendix B Se tting Up Your Computer’s IP Address EMG5324-D10A User’s Guide 294 1 Click Start > Control Panel . Figure 162 Windows XP: Start Menu 2 In the Control Panel , click the Network Connections icon.
Appendix B Setting Up You r Computer’s IP Address EMG5324-D10A User’s Guide 295 3 Right-click Local Area Connection and then select Properties . Figure 164 Windows XP: Control Panel > Network Connections > Properties 4 On the General tab, select Internet Protocol (TCP/I P) and then click Properties .
Appendix B Se tting Up Your Computer’s IP Address EMG5324-D10A User’s Guide 296 5 The Internet Protocol TCP/IP Properties window opens. Figure 166 Windows XP: Internet Protocol (TCP/IP) Properties 6 Select Obtain an IP address automatically if your network administrator or ISP assigns your IP address dynamically .
Appendix B Setting Up You r Computer’s IP Address EMG5324-D10A User’s Guide 297 Windows V ist a This section shows screens from Windows Vista Professional. 1 Click Start > Control Panel . Figure 167 Windows Vista: Start Menu 2 In the Control Panel , click the Network and Internet icon.
Appendix B Se tting Up Your Computer’s IP Address EMG5324-D10A User’s Guide 298 4 Click Manage network connections . Figure 170 Windows Vista: Network and Sharing Center 5 Right-click Local Area Connection and then select Properties .
Appendix B Setting Up You r Computer’s IP Address EMG5324-D10A User’s Guide 299 6 Select Internet Protocol Version 4 (TCP/IPv 4) and then select Properties .
Appendix B Se tting Up Your Computer’s IP Address EMG5324-D10A User’s Guide 300 7 The Internet Protocol Version 4 (TCP/IPv4) Properties window opens. Figure 173 Windows Vista: Internet Protocol V ersion 4 (T CP/IPv4) Properties 8 Select Obtain an IP address automatically if your network administrator or ISP assigns your IP address dynamically .
Appendix B Setting Up You r Computer’s IP Address EMG5324-D10A User’s Guide 301 Windows 7 This section shows screens from Windows 7 Enterprise. 1 Click Start > Control Panel . Figure 174 Windows 7: Start Menu 2 In the Control Panel , click View network status and tasks under the Network and Intern et category .
Appendix B Se tting Up Your Computer’s IP Address EMG5324-D10A User’s Guide 302 4 Double click Local Area Connection and then sele ct Properties . Figure 177 Windows 7: Local Area Connection Status Note: During this procedure, cl ick Continue whenever Windows displays a sc reen saying that it needs your permissi on to continue.
Appendix B Setting Up You r Computer’s IP Address EMG5324-D10A User’s Guide 303 5 Select Internet Protocol Version 4 (TCP/IPv 4) and then select Properties .
Appendix B Se tting Up Your Computer’s IP Address EMG5324-D10A User’s Guide 304 6 The Internet Protocol Version 4 (TCP/IPv4) Properties window opens. Figure 179 Windows 7: Internet Protocol V ersion 4 (T CP/IPv4) Properties 7 Select Obtain an IP address automatically if your network administrator or ISP assigns your IP address dynamically .
Appendix B Setting Up You r Computer’s IP Address EMG5324-D10A User’s Guide 305 3 The IP settings are displayed as follows. Figure 180 Windows 7: Internet Protocol V ersion 4 (T CP/IPv4) Properties Mac OS X: 10.3 and 10.4 The screens in this section are from Ma c OS X 10.
Appendix B Se tting Up Your Computer’s IP Address EMG5324-D10A User’s Guide 306 2 In the System Preferen ces window , click the Network icon. Figure 182 Mac OS X 10.4: System Preferences 3 When the Network preferences pane opens, select Built-in Et hernet from the network connection type list, and then click Config ure.
Appendix B Setting Up You r Computer’s IP Address EMG5324-D10A User’s Guide 307 4 For dynamically assigned settings, select Using DHCP from the Configur e IPv4 list in the TCP/IP tab. Figure 184 Mac OS X 10.4: Network Preferences > TCP/IP T ab.
Appendix B Se tting Up Your Computer’s IP Address EMG5324-D10A User’s Guide 308 •I n t h e Router field, type the IP address of your device. Figure 185 Mac OS X 10.
Appendix B Setting Up You r Computer’s IP Address EMG5324-D10A User’s Guide 309 1 Click Apple > System Preferen ces . Figure 187 Mac OS X 10.5: Apple Menu 2 In System Preferen ces , click the Network icon.
Appendix B Se tting Up Your Computer’s IP Address EMG5324-D10A User’s Guide 310 3 When the Network preferences pane opens, select Ethernet from the list of av ailable connection types. Figure 189 Mac OS X 10.5: Network Preferences > Ethernet 4 From the Configure list, select Using DHCP for dynamically assigned settings.
Appendix B Setting Up You r Computer’s IP Address EMG5324-D10A User’s Guide 31 1 •I n t h e Router field, enter the IP address of your Device. Figure 190 Mac OS X 10.
Appendix B Se tting Up Your Computer’s IP Address EMG5324-D10A User’s Guide 312 V erifying Settings Check your TCP/IP properties by clicking Appli cations > Utilities > Network Utilities , and then selecting the appropriate Network interface from the Info tab.
Appendix B Setting Up You r Computer’s IP Address EMG5324-D10A User’s Guide 313 2 When the Network Settings window opens, click Unlock to open the Authenticate window. (By default, the Unlock button is greyed out until clicked.) Y ou cannot make changes to your configuration unless you first enter your admin password.
Appendix B Se tting Up Your Computer’s IP Address EMG5324-D10A User’s Guide 314 4 In the Network Settings window, select the connection that you want to configure, then click Properties . Figure 195 Ubuntu 8: Network Settings > Connections 5 The Properties dialog box opens.
Appendix B Setting Up You r Computer’s IP Address EMG5324-D10A User’s Guide 315 7 If you know your DNS server IP address(es), click the DNS tab in the Network Settings window and then enter the DNS server information in the fields provided. Figure 197 Ubuntu 8: Network Settings > DNS 8 Click the Close button to apply the changes.
Appendix B Se tting Up Your Computer’s IP Address EMG5324-D10A User’s Guide 316 V erifying Settings Check your TCP/IP properties by clicking System > Ad ministrati on > Network Tools , and then selecting the appropriate Network device from the Devices tab.
Appendix B Setting Up You r Computer’s IP Address EMG5324-D10A User’s Guide 317 1 Click K Menu > Computer > Administrator Settings (YaST) . Figure 199 openSUSE 10.3: K Men u > Computer Menu 2 When the Run as Root - KDE su dialog opens, enter the admin password and click OK .
Appendix B Se tting Up Your Computer’s IP Address EMG5324-D10A User’s Guide 318 3 When the YaST Control Center window opens, select Network Devices and then click the Network Card icon.
Appendix B Setting Up You r Computer’s IP Address EMG5324-D10A User’s Guide 319 5 When the Network Card Setup window opens, click the Address tab Figure 203 openSUSE 10.3: Network Ca rd Setup 6 Select Dynamic Address (DHCP) if you have a dyn amic IP address.
Appendix B Se tting Up Your Computer’s IP Address EMG5324-D10A User’s Guide 320 8 If you know your DNS server IP address(es), click the Hostname/DNS tab in Network Settings and then enter the DNS server information in the fields provided. Figure 204 openSUSE 10.
Appendix B Setting Up You r Computer’s IP Address EMG5324-D10A User’s Guide 321 When the Connection Status - KNetwork Manager window opens, click the Statistics tab to see if your connection is working properly .
Appendix B Se tting Up Your Computer’s IP Address EMG5324-D10A User’s Guide 322.
EMG5324-D10A User’s Guide 323 A PPENDIX C Pop-up Windows, JavaScript and Java Permissions In order to use the web configur ator you need to allow: • W eb browser pop-up windows from your device. • JavaS cript (enabled by default). • Jav a pe rmission s (en a bled by default).
Appendix C Pop-up Windows, JavaScript and Java Permissions EMG5324-D10A User’s Guide 324 2 Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled. Figure 208 Internet Options: Privacy 3 Click Apply to save this setting.
Appendix C Pop-up Windows, JavaScript and Java Permissions EMG5324-D10A User’s Guide 325 2 Select Settings… to open the Pop-up Bloc ker Settings screen. Figure 209 Internet Options: Privacy 3 T ype the IP address of your device (the web page that y ou do not w ant to hav e blocked) with the prefix “http://” .
Appendix C Pop-up Windows, JavaScript and Java Permissions EMG5324-D10A User’s Guide 326 4 Click Add to move the IP address to the list of Allowed sites . Figure 210 Pop-up Block er Settings 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting.
Appendix C Pop-up Windows, JavaScript and Java Permissions EMG5324-D10A User’s Guide 327 1 In Internet Explorer , click Tools , Internet Options and then the Security tab. Figure 211 Internet Options: Security 2 Click the Custom Level... button. 3 Scroll down to Scripting .
Appendix C Pop-up Windows, JavaScript and Java Permissions EMG5324-D10A User’s Guide 328 6 Click OK to close the window. Figure 212 Security Settings - Jav a Scripting Java Permissions 1 From Internet Explorer , click Tools , Internet Option s and then the Security tab.
Appendix C Pop-up Windows, JavaScript and Java Permissions EMG5324-D10A User’s Guide 329 5 Click OK to close the window. Figure 213 Security Settings - Jav a JA V A (Sun) 1 From Internet Explorer , click Tools , Internet Option s and then the Advance d tab.
Appendix C Pop-up Windows, JavaScript and Java Permissions EMG5324-D10A User’s Guide 330 3 Click OK to close the window. Figure 214 Java (Sun) Mozilla Firefox Mozilla Firefox 2.0 screens are used here. Screens for other v ersions may vary . Y ou can enable Java, Ja vaScript and pop-ups in one screen.
Appendix C Pop-up Windows, JavaScript and Java Permissions EMG5324-D10A User’s Guide 331 Click Content .to show the screen below . Select the check boxes as shown in the following screen.
Appendix C Pop-up Windows, JavaScript and Java Permissions EMG5324-D10A User’s Guide 332.
EMG5324-D10A User’s Guide 333 A PPENDIX D Wireless LANs Wireless LAN T opologies This section discusses ad-hoc and infrastructure wireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an indepe ndent (Ad-hoc) WLAN that connects a set of computers with wireless adapters (A, B, C).
Appendix D Wireless LANs EMG5324-D10A User’s Guide 334 disabled, wireless client A and B can still access the wired network but cannot communicate with each other .
Appendix D Wireless LANs EMG5324-D10A User’s Guide 335 An ESSID (ES S IDentification) uniquely identifies each ESS. All access points and their associated wireless clients within the same ESS must have the same ES SID in order to communicate.
Appendix D Wireless LANs EMG5324-D10A User’s Guide 336 cannot "hear" each other , that is they do not know if the channel is currently being used. Therefore, they are considered hidden from each othe r . Figure 220 RT S/CTS When station A sends data to the AP , it might not know that the station B is already using the channel.
Appendix D Wireless LANs EMG5324-D10A User’s Guide 337 If the Fragmentation Threshold value is smaller than the RTS/CT S value (see previously) you set then the R TS (Request T o Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size.
Appendix D Wireless LANs EMG5324-D10A User’s Guide 338 The following figure shows the relative effectivenes s of these wireless security methods available on your Dev ic e . Note: Y ou must enable the same wireless se curit y settings on the Device and on all wireless clients that y ou want to associate wit h it.
Appendix D Wireless LANs EMG5324-D10A User’s Guide 339 RADIUS is a simple package exchange in wh ich your AP acts as a me ssage relay between the wireless client and the network RADIUS server .
Appendix D Wireless LANs EMG5324-D10A User’s Guide 340 EAP-MD5 (Message-Dig est Algorithm 5) MD5 authentication is the simplest one-w ay authentication method.
Appendix D Wireless LANs EMG5324-D10A User’s Guide 341 If this feature is enabled, it is not necessary to configure a default encryption k ey in the wireless security configuration screen. Y ou ma y still configure and store keys, but they will not be used while dynamic WEP is enabled.
Appendix D Wireless LANs EMG5324-D10A User’s Guide 342 called Rijndael. They both include a per -packet key mixing function, a Message Integrity Check (MIC) named Michael, an extended initialization vector (IV) with se quencing rules, and a re-keying mechanism.
Appendix D Wireless LANs EMG5324-D10A User’s Guide 343 WP A(2) with RADIUS Application Example T o set up WPA(2), you need the IP address of the RADIUS server , its port number (default is 1812), and the RADIUS shared secret. A WPA(2) applicat ion example with an external RADIUS server looks as follows.
Appendix D Wireless LANs EMG5324-D10A User’s Guide 344 4 The AP and wireless clie nts use the TKIP or AE S encryption process, the PMK and information exchanged in a handshake to create tempor al encryp tion keys. They use these keys to encrypt data exchanged between them.
Appendix D Wireless LANs EMG5324-D10A User’s Guide 345 Antenna Characteristics Frequency An antenna in the frequency of 2.4GHz (IEEE 802.11b and IEEE 802.
Appendix D Wireless LANs EMG5324-D10A User’s Guide 346 WiFi Protected Setup Y our Device supports WiFi Protected Setup (WPS), which is an easy way to set up a secure wireless network. WPS is an industry standard sp ecification, defined by the WiFi Alliance.
Appendix D Wireless LANs EMG5324-D10A User’s Guide 347 1 Decide which device you want to be the registra r (usually th e AP) and which you want to be the enrollee (usually the client). 2 Look for the enrollee’ s WPS PIN; it may be displa y ed on the device.
Appendix D Wireless LANs EMG5324-D10A User’s Guide 348 The following figure shows a WPS-enabled wireless client (installed in a notebook computer) connecting to the WPS-enab led AP via the PIN method. Figure 223 Example WPS Process: PIN Method How WPS Works When two WPS-enabled devices connect, each device must assume a specific role.
Appendix D Wireless LANs EMG5324-D10A User’s Guide 349 The following figure shows a WPS-enabled client (i nstalled in a notebook computer) connecting to a WPS-enabled access point. Figure 224 How WPS works The roles of registrar and enrollee last only as long as the WPS setup process is active (two minutes).
Appendix D Wireless LANs EMG5324-D10A User’s Guide 350 is the registrar , and Client 1 is the enrollee. The registrar r andomly generates the security information to set up the networ k, since it is unconfigured and has no existing information. Figure 225 WPS: Example Network Step 1 In step 2 , you add another wireless client to the network.
Appendix D Wireless LANs EMG5324-D10A User’s Guide 351 In step 3, you add another access point ( AP2 ) to your network. AP2 is out of range of AP1 , so y ou cannot use AP1 for the WPS handshake with the new access point. However , y ou know that Client 2 supports the registr ar function, so you use it to perf orm the WPS handshake instead.
Appendix D Wireless LANs EMG5324-D10A User’s Guide 352 • When you use the PBC m ethod, there is a short period (from the moment you press the button on one device to the moment you press the bu tton on the other device) when any WPS-enabled device could join the network.
EMG5324-D10A User’s Guide 353 A PPENDIX E Common Services The following table lists some commonly-used services and their associated protocols and port numbers. For a comprehensive list of port number s, ICMP t ype/code numbers and services, visit the IANA (I nterne t Assigned Number Authority) web site.
Appendix E C ommon Services EMG5324-D10A User’s Guide 354 HT TP TCP 80 Hyper T ext T ransfer Protocol - a client/ server protocol for the worl d wide web. HT TPS TCP 443 HTTPS is a se cured http session often use d in e-commer ce . ICMP User-Defined 1 Internet Control Message Protocol is often used for diagnostic or routing purposes.
Appendix E Common Services EMG5324-D10A User’s Guide 355 SMTP TCP 25 Simple Mail T ransfer Protocol is the message-exchange standard for the Internet. SMTP enab les y ou to move messages from one e-mail server to another . SNMP TCP /U D P 161 Simple Network Management Pro gram.
Appendix E C ommon Services EMG5324-D10A User’s Guide 356.
EMG5324-D10A User’s Guide 357 A PPENDIX F IPv6 Overview IPv6 (Internet Protocol version 6), is de signed to enhance IP address size and features. The increase in IPv6 address size to 128 bits (from t he 32-bit IPv4 address) allows up to 3.4 x 10 38 IP addresses.
Appendix F IPv6 EMG5324-D10A User’s Guide 358 Link-local Address A link -local address uniquely identifies a device on the local ne twork (the LAN). It is similar to a “priv ate IP address” in IPv4. Y ou can have the same link -local address on multiple interfaces on a de vice.
Appendix F IPv6 EMG5324-D10A User’s Guide 359 The following table describes the multicas t addres ses which are reserved and can not be assigned to a multicast group. Subnet Masking Both an IPv6 address and IPv6 subnet mask compose of 128-bit binary digits, which are divided into eight 16-bit blocks and written in hexadecimal notation.
Appendix F IPv6 EMG5324-D10A User’s Guide 360 MAC address and complements the sev enth bit of the first byte of the MAC address. See the following example. St ateless Au toconfiguration With stateless autoconfigur ation in IPv6, addresses can be uniquely and automatically generated.
Appendix F IPv6 EMG5324-D10A User’s Guide 361 IA assigned to an interface to obtain configur ation from a DHCP server for that interface. Each IA consists of a uni q ue IAID and associated IP information. The IA type is the type of address in the IA.
Appendix F IPv6 EMG5324-D10A User’s Guide 362 ICMPv6 Internet Control Message Protocol for IPv6 (ICMPv6 or ICMP for IPv6) is defined in RFC 4443. ICMPv6 has a precedi ng Next He ader v alue of 58, which is different from the value used to identi fy ICMP for IPv4.
Appendix F IPv6 EMG5324-D10A User’s Guide 363 and can be reached directly without pass ing through a router . If the address is unlink, the address is considered as the next hop. Otherwise, the Device determines the next -hop from the default router list or routing table.
Appendix F IPv6 EMG5324-D10A User’s Guide 364 also displays how to us e th e ipconfig command to see auto-generated IP addresses. IPv6 is installed and enabled by default in Windows Vista. Use the ipconfig command to check your aut omatic configured IPv6 address as well.
Appendix F IPv6 EMG5324-D10A User’s Guide 365 4 Double c lick Dibbler - a DHCPv 6 client . 5 Click Start and then OK . 6 Now your computer can obtain an IP v6 address from a DHCPv6 server . Example - Enabling IPv6 on Windows 7 Windows 7 supports IPv6 b y default.
Appendix F IPv6 EMG5324-D10A User’s Guide 366 1 Select Control Panel > Network and Sharing Center > Local Area Connection . 2 Select the Internet Protocol Version 6 (TCP/IPv6) checkbox to enable it. 3 Click OK to sav e the change. 4 Click Close to exit the Local Area Connection Status screen.
Appendix F IPv6 EMG5324-D10A User’s Guide 367 6 Use the ipconfig command to check your dynamic IPv6 address. This example shows a global address (2001:b021:2d::1000) obtained from a DHCP server . C:>ipconfig Windows IP Configuration Ethernet adapter Local Area Connecti on: Connection-specific DNS Suffix .
Appendix F IPv6 EMG5324-D10A User’s Guide 368.
EMG5324-D10A User’s Guide 369 A PPENDIX G Legal Information Copyright Copyright © 2012 by Z yXEL Communications Corporation. The contents of this publication may not be repr oduced in any part or a.
Appendix G Legal Information EMG5324-D10A User’s Guide 370 • This device may not cause harmful interference. • This device must accept any interference re ceiv ed, including interference that may cause undesired oper ations.
Appendix G Legal Information EMG5324-D10A User’s Guide 371 Notices Changes or modifications not expressly approved by the part y responsible for compliance could void the user's authority to operate the equipment. This device is designed for the WLAN 2.
Appendix G Legal Information EMG5324-D10A User’s Guide 372 Registration Register y our product online to receive e-mail no tices of firmw are upgrades and inform ation at www .zyxel.com. Safety W arnings • Do NOT u se this product near w ater , for example, in a wet basement or near a swimming pool.
Index EMG5324-D10A User’s Guide 373 Index A ACK message 237 ACL rule 182 activation firewalls 178 media server 130 SIP ALG 168 SSID 104 wireless LAN scheduling 108 adding a printer e xample 55 admin.
Index EMG5324-D10A User’s Guide 374 client-server protocol 234 comfort noise generation 222 configuration 132 backup 267 firewalls 178 reset 269 restoring 268 copyright 369 CoS 160 , 238 CTS (Clear .
Index EMG5324-D10A User’s Guide 375 G G.168 222 Guide Quick Start 2 H hidden node 335 host 253 host name 77 I IANA 133 , 290 IBSS 333 ID type and content 216 IEEE 802.
Index EMG5324-D10A User’s Guide 376 M MAC 77 , 185 MAC address 126 filter 111 MAC address filtering 185 MAC filter 185 managing the device good habits 20 usi ng FT P .
Index EMG5324-D10A User’s Guide 377 R RADIUS 338 message types 339 messages 339 shared secret key 339 RADIUS server 111 R eal time T ransport Protocol, see R TP registration product 372 related docu.
Index EMG5324-D10A User’s Guide 378 thresholds data fragment 11 0 RTS / C T S 11 0 TKIP 341 To S 238 TPID 92 trademarks 369 trusted CAs, and certificates 195 tunnel mode 213 tutorial Vo I P 39 wirel.
Index EMG5324-D10A User’s Guide 379 RADIUS server 111 RTS / C T S t hr e s h o l d 11 0 scheduling 108 security 11 0 SSID 111 activation 104 WEP 11 2 WPA 11 2 WPA -PSK 11 2 WPS 11 3 , 11 6 example 1.
Index EMG5324-D10A User’s Guide 380.
Index EMG5324-D10A User’s Guide 381.
Index EMG5324-D10A User’s Guide 382.
An important point after buying a device ZyXEL Communications EMG5324-D10A (or even before the purchase) is to read its user manual. We should do this for several simple reasons:
If you have not bought ZyXEL Communications EMG5324-D10A yet, this is a good time to familiarize yourself with the basic data on the product. First of all view first pages of the manual, you can find above. You should find there the most important technical data ZyXEL Communications EMG5324-D10A - thus you can check whether the hardware meets your expectations. When delving into next pages of the user manual, ZyXEL Communications EMG5324-D10A you will learn all the available features of the product, as well as information on its operation. The information that you get ZyXEL Communications EMG5324-D10A will certainly help you make a decision on the purchase.
If you already are a holder of ZyXEL Communications EMG5324-D10A, but have not read the manual yet, you should do it for the reasons described above. You will learn then if you properly used the available features, and whether you have not made any mistakes, which can shorten the lifetime ZyXEL Communications EMG5324-D10A.
However, one of the most important roles played by the user manual is to help in solving problems with ZyXEL Communications EMG5324-D10A. Almost always you will find there Troubleshooting, which are the most frequently occurring failures and malfunctions of the device ZyXEL Communications EMG5324-D10A along with tips on how to solve them. Even if you fail to solve the problem, the manual will show you a further procedure – contact to the customer service center or the nearest service center